Tag: automation

So, you are a sysadmin living/managing servers in Egypt or in Egypt’s timezone. Or even a good faithful linux user. The government, in it’s infinite wisdom, decided that we should go back to DST. Are you sure you are ready for this?

Since I do run servers a lot of servers in the Africa/Cairo timezone, mostly Ubuntu LTS and Debian servers, I looked to see if there is an update for the tzdata package in Ubuntu that would include this, but couldn’t find any (bug report ?).

Although it’s not the best way to do this, I decided to create the timezone datafile myself. IANA is responsible for providing the datafiles. I downloaded the datafiles package, untared it, and checked the the africa file I was happy to see this:

This should be it! However, this is not meant to be a permanent solution. You should update your tzdata package as soon as the next update is released.

UPDATE: I just found out that the Ubuntu had released a critical update to fix this problem. You don’t need to perform these steps now, just make sure to get the latest tzdata package. Not sure about debian, yet.

Ansible has a dedicated module to manage public keys; the authorized_key module. It’s a very nice module, with enough flexibility to do almost anything I can think of.

However, it does have one very annoying thing. While I was migrating our automation scripts to ansible; I got to the point where I was working on the script that provisions our users. By default, we disabled all password authentication and root SSH access. Only key based access is allowed.

I found that I have to actually put the public SSH key strings inside the playbook vars. That’s just not cool. SSH keys are long, they might have specific options (although the authorized_key module allows you to configure that) and it’s harder to maintain the list of keys like this. So, I tried to work around this. My target was to add the public SSH keys for my users as static files in an ansible role. Basically, I will be populating my my group_vars files by reading files inside my roles.

First, I added the public key files in the ‘files‘ directory of the role I was using to configure the users.

Now, I have to find a way to “read” the key files and set them in the vars file. Fortunately, ansible provides Lookup plugins that allows me to do just that!

I am working on a playbook for configuring Apache 2.4 for a complex application. The plan to run the application on an IaaS cloud(ish) platform. We need to control the Apache worker settings via the playbook since there will be several “flavors” of cloud instances with different sizes and configurations. I was considering using a template for the configuration file. But since I am playing..

I decided to take a shot at using the lineinfile module, which I find really cool! And to make this a bit more interesting, I wanted to this this using ansible loops, not one configuration item at a time.

So, basically, this is the first shot at getting this done, there is a lot of room for improvement: